Space-Time Signal Processing for Detecting and Classifying Distributed Attacks in Networks

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA9550-10-C-0090
Agency Tracking Number: F09B-T09-0167
Amount: $99,994.00
Phase: Phase I
Program: STTR
Awards Year: 2010
Solicitation Year: 2009
Solicitation Topic Code: AF09-BT09
Solicitation Number: 2009.B
Small Business Information
4850 Hahns Peak Drive, Suite 200, Loveland, CO, 80538
DUNS: 956324362
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Randy Paffenroth
 Program Director
 (970) 461-2000
 randy.paffenroth@numerica.us
Business Contact
 Jeff Poore
Title: President
Phone: (970) 461-2000
Email: jeff.poore@numerica.us
Research Institution
 Colorado State University
 Cathy Smith
 B204A Engineering
Ft. Collins, CO, 80521
 (970) 491-5914
 Nonprofit college or university
Abstract
A mathematical framework for detection and classification of weak, distributed patterns on computer networks is proposed. The framework will provide rigorous methods for understanding performance bounds and optimality of intrusion detection methods, while also providing concrete and implementable algorithms. The algorithms will find immediate application in cyber-security efforts, as well as more general sensor networks. The mathematical techniques we propose to use include processing of raw data measurements at the nodes into higher-order process states using Numerica’s expertise in advanced multiple hypothesis testing , extensions of recently developed compressed sensing methods for compression of second order statistics, and pattern detection using dependencies in second order data – coherence estimates, for example, provide a low-dimensional statistic for the identification of pattern classes. The research will be conducted in tandem with simulations on synthetic data, and actual Internet traffic in real-time using the PlanetLab emulation test-bed. Experimental simulations will not only be used to test algorithms and validate performance bounds, but also to inform and enhance measurement plans and hypotheses. BENEFIT: The proposed research will provide a rigorous mathematical framework for understanding intrusion detection algorithms on computer networks. These algorithms will provide immediate enhancements to current cyber-security efforts, and consequently will benefit computer network security in the corporate sector, all federal agencies, and national infrastructures where breaches of cyber-security are becoming more prevalent and have potentially catastrophic consequences. Thus, the algorithms will help to ensure the integrity of our nation’s sensitive computer networks. Commercially, the development of cybersecurity algorithms and software is a multi-billion dollar industry annually and expected to grow robustly as our nation’s exposure to cyber threats increases.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government